12251 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the cmpxchg serialization to access so-tx.buf. This vulnerability may lead to the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013666)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013666 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013791)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013791 advisory. In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypa...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013572)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013572 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-dere...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013746)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013746 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013866)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013866 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013859)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013859 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of skb references when network namespace destruction occurs. This issue may lea...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013582)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013582 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...
PT-2026-34422
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skb put panic on non-linear skb during reassembly In iptfs reassem cont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succee...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013841)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013841 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the leakage of SKBs during asynchronous encryption with espintcp, potentially leading to memory...
EUVD-2026-24479
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without sanitizing the msg or callback fields. On the client side, plugin/YPTSocket/script.js contains two eval...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through asyncio.AbstractEventLoop.sockrecvfrominto in the Windows ProactorEventLoop datagram receive path. An attacker can trigger a ValueError-free out-of-bounds receive by supplying an nbytes value larger than the...
Regular Expression Denial of Service (ReDoS)
Overview signalk-server is an An implementation of a Signal K server for boats. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the contextMatcher and pathMatcher functions. An attacker can cause the server to become unresponsive and exhaust CPU...
CVE-2026-3298
CVE-2026-3298 describes an out-of-bounds write in Windows-only asyncio.ProacterEventLoop.sock_recvfrom_into() when using the nbytes parameter. The root cause is a missing boundary check for the destination data buffer, enabling a write past the buffer size if incoming data exceeds it. Non-Windows...
CVE-2026-3298
The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011028)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011028 advisory. In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context TX/RX callback handlers ntbnetdevtxhandler,...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011219)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011219 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013342)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013342 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races around sk-skshutdown. KCSAN found a data race around sk-skshutdown where...